Commit graph

9793 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 8a0944cb99 Fix renaming oversight in documentation 2019-07-02 15:12:29 +02:00
Manuel Pégourié-Gonnard e431563269 Remove backticks in doxygen in config.h 2019-07-02 15:12:29 +02:00
Manuel Pégourié-Gonnard f1c6ad4c5f Declare dependency on tickets for two ssl-opt.sh tests
See https://github.com/ARMmbed/mbedtls/issues/2712
2019-07-02 15:12:29 +02:00
Manuel Pégourié-Gonnard 26ac9c4d1f Exclude new negative options from config.pl full 2019-07-02 15:12:29 +02:00
Manuel Pégourié-Gonnard f130b1024a Restore config.h defaults
We want those changes only in config/baremetal.h, not in the default config.
2019-07-02 15:12:29 +02:00
Jarno Lamsa 29f2dd0a7b Address review comments 2019-07-02 15:12:29 +02:00
Jarno Lamsa dbf6073fa3 Fix ssl_cli resumption guards 2019-07-02 15:12:29 +02:00
Jarno Lamsa 4f74f6d301 Fix check-files, check-names and check-generated-features 2019-07-02 15:12:29 +02:00
Jarno Lamsa 0905c3da11 Add test to all.sh 2019-07-02 15:12:29 +02:00
Jarno Lamsa 18f0662541 Add changelog entry 2019-07-02 15:12:29 +02:00
Jarno Lamsa ac57e82c7d Doxygen for new config options 2019-07-02 15:12:29 +02:00
Jarno Lamsa 5b52b27519 Skip resumption tests if resumption not defined 2019-07-02 15:12:29 +02:00
Jarno Lamsa 5165169a05 Fix test issues 2019-07-02 15:12:29 +02:00
Jarno Lamsa 085e8a507e Enable new configs in baremetal config
Enable MBEDTLS_SSL_SESSION_CACHE and
MBEDTLS_SESSION_RESUMPTION in baremetal config.
2019-07-02 15:12:29 +02:00
Jarno Lamsa 59bd12bf14 Add new config MBEDTLS_SSL_SESSION_RESUMPTION
Add a new configuration option MBEDTLS_SSL_SESSION_RESUMPTION
to enable/disable the session resumption feature including
ticket and cache based session resumption.
2019-07-02 15:12:29 +02:00
Jarno Lamsa 590bf51cbb Enable MBEDTLS_SSL_SESSION_CACHE by default 2019-07-02 15:12:29 +02:00
Jarno Lamsa 7be14065e2 Add config MBEDTLS_SSL_SESSION_CACHE
Add configuration option MBEDTLS_SSL_SESSION_CACHE to control
enabling/disabling of the cache based session resumption.
2019-07-02 15:12:29 +02:00
Hanno Becker 410322f23e Fix guard controlling whether nested acquire calls are allowed
Resource counting as a safe-guard against nested acquire calls
is implemented if and only if MBEDTLS_X509_ALWAYS_FLUSH is disabled
_or_ MBEDTLS_THREADING_C is enabled.
2019-07-02 13:37:12 +01:00
Hanno Becker abd929c89c Merge branch 'mbedtls-2.16' into baremetal-2.16-01_07_19 2019-07-01 11:25:42 +01:00
Jaeden Amero 691aa961b1 baremetal: Use Oz when building with armclang
Oz is allowed to make size optimizations that make the code slower,
where Os isn't. Optimize with Oz, as we care more about having a small
code footprint than having fast code.
2019-07-01 11:21:36 +01:00
Hanno Becker 7ab8a2e2a0 Add X.509 CRT test for nested calls for CRT frame / PK acquire 2019-06-28 15:52:54 +01:00
Hanno Becker 69c303360e Don't return threading error on release()-without-acquire() calls
Previously, a call to mbedtls_x509_crt_xxx_release() would return
MBEDTLS_ERR_THREADING_MUTEX_ERROR if usage counter for the frame/PK
was 0. Now that resource counting can also be used outside of
threading support, this is no longer adequate, and this commit
changes the return code to MBEDTLS_ERR_X509_FATAL_ERROR; while
generic, this at least matches the top-level module.
2019-06-28 15:47:53 +01:00
Hanno Becker fc99a09cc4 Don't allow nested CRT acquire()-calls if MBEDTLS_X509_ALWAYS_FLUSH
Forbidding nested calls to acquire() allows to remove the reference
counting logic and hence saving some bytes of code. This is valuable
because MBEDTLS_X509_ALWAYS_FLUSH is likely to be used on constrained
systems where code-size is limited.
2019-06-28 14:48:32 +01:00
Hanno Becker a4bfaa8204 Make X.509 CRT cache reference counting unconditional
Previously, reference counting for the CRT frames and PK contexts
handed out by mbedtls_x509_crt_{frame|pk}_acquire() was implemented
only in case threading support was enabled, which leaves the door
open for a potential use-after-free should a single-threaded application
use nested calls to mbedtls_x509_crt_acquire().

Since Mbed TLS itself does not use such nested calls, it might be
preferred long-term to forbid nesting of acquire calls on the API
level, and hence get rid of reference counting in the interest of
code-size benefits. However, this can be considered as an optimization
of X.509 on demand parsing, and for now this commit introduces
reference counting unconditionally to have a safe version of
on demand parsing to build further optimizations upon.
2019-06-28 14:48:32 +01:00
Hanno Becker 94a94f6c33 Remove memory buffer alloc from i386 test in all.sh
Otherwise, the CI fails this test due to timeout.

The buffer allocator is tested e.g. in test_full_cmake_clang().
2019-06-28 14:48:32 +01:00
Hanno Becker b653aa3d16 Don't mention pk_sign() in the context of public-key contexts 2019-06-28 14:48:32 +01:00
Hanno Becker 2224ccf390 Don't use assertion for failures of mbedtls_x509_crt_x_acquire()
These functions may afil in a regular run, e.g. due to an out of memory
error.
2019-06-28 14:48:31 +01:00
Hanno Becker d92078fc55 Fix copy pasta in x509_crt.h 2019-06-28 14:48:31 +01:00
Hanno Becker 608de6a50d Reference copy-less versions of X.509 CRT frame/PK getters 2019-06-28 14:48:31 +01:00
Hanno Becker ed05888195 x509_crt.c: Add blank line to increase readability 2019-06-28 14:48:31 +01:00
Manuel Pégourié-Gonnard 4e24c449e2
Merge pull request #592 from ARMmbed/static_config_extended_ms
[Baremetal] Exemplify hardcoding of SSL configuration at compile-time in the example of ExtendedMasterSecret
2019-06-28 13:49:35 +02:00
Hanno Becker 35b86a872f [FIXUP] Fix bug in ASN.1 traversal of silently ignored tag 2019-06-25 10:41:34 +01:00
Hanno Becker 2656bfe9b0 [FIXUP] Fix typo in declaration of mbedtls_x509_memcasecmp() 2019-06-25 10:41:34 +01:00
Hanno Becker 08d341211d Move signature-info extraction out of MBEDTLS_X509_REMOVE_INFO
During rebase, the definition of ::mbedtls_x509_crt_sig_info
as well as x509_crt_free_sig_info() and x509_crt_get_sig_info()
were accidentally guarded by !MBEDTLS_X509_REMOVE_INFO.

This commit moves their definition outside of that guard.
2019-06-25 10:41:31 +01:00
Hanno Becker 040c564888 Fix certificate validity checking logic to work with !TIME_DATE
If MBEDTLS_HAVE_TIME_DATE is undefined, the functions
`mbedtls_x509_time_is_past()` and `mbedtls_x509_time_is_future()`
are still defined but return `0` (that is, no time is seen to in
the past or future). To maintain functional correctness, this
means that these functions have to be called in a way where
the condition being checked for is the erroneous one: Concretely,
one shouldn't check that a CRT's `validFrom` is in the past,
or that its `validTo` is in the future, because that would
fail if !MBEDTLS_HAVE_TIME_DATE. Instead, one should check
that `validFrom` is NOT in the future, and `validTo` is NOT
in the past. That was the logic previously, but an uncautious
change during transition to X.509 on-demand parsing has
changed it. This commit fixes this.
2019-06-25 09:11:11 +01:00
Hanno Becker 97aa4363e1 Simplify X.509 CRT version check in UID parsing
WHen parsing the CRT version, we already check that
version is either 1, 2, or 3, so checking whether
version == 2 or version == 3 is equivalent to
version != 1.
2019-06-25 09:11:11 +01:00
Hanno Becker 60785d113b Remove unused variable warning in on-demand X.509 parsing 2019-06-25 09:11:11 +01:00
Hanno Becker 7c5fbbeec0 Reduce number of parallel workers in X.509 CRT threading test
The previous tests used 100 parallel workers which for EC certificates
leads to a memory usage of more than 1Mb, hence leading to an out of memory
condition in tests using the memory buffer allocator which has a pool of 1Mb.

Use 25 workers but an increased number of iterations per worker instead.
2019-06-25 09:11:11 +01:00
Hanno Becker e908412a35 Simplify logic for issuer/subject ID parsing 2019-06-25 09:11:11 +01:00
Hanno Becker fd64f14ef9 Remove redundant CRT version check during CRT parsing 2019-06-25 09:11:11 +01:00
Hanno Becker 938a80507a Add MBEDTLS_X509_ON_DEMAND_PARSING to baremetal config 2019-06-25 09:11:11 +01:00
Hanno Becker b36a245654 Add comment to #endif indicating which condition was guarded 2019-06-25 09:10:57 +01:00
Hanno Becker 484caf0abc Consistently use (type *) instead of (type*) for pointer conversion 2019-06-25 09:10:57 +01:00
Hanno Becker 2ba9fbdfe9 Allow multiple concurrent readers for X.509 CRT frame and PK context
Previously, only one thread could access the parsing cache of an X.509 CRT
at a time. Firstly, this leads to significant performance penalties on
systems running many concurrent threads which share CRT structures --
for example, server threads sharing an SSL configuration containing the
server CRT. Secondly, the locking should be logically unnecessary, because
the threads are supposed to access the CRT frame and PK in a read-only,
or at least thread-safe manner.

This commit modifies the X.509 CRT cache implementation by allowing an
arbitrary number of concurrent readers, locking only the path of setting
up and clearing the cache.
2019-06-25 09:10:57 +01:00
Hanno Becker d687ef0a91 Move X.509 threading test to separate test suite
This allows to build the library + tests via `make` without
specifying `PTHREAD=1`, in which case the X.509 threading
test suite will be silently dropped.

This is analogous to the pre-existing handling of the example
application `ssl_pthread_server`, which is only build if `PTHREAD=1`
and silently dropped otherwise.
2019-06-25 09:10:57 +01:00
Hanno Becker 22cf255e09 Force linking of pthread in 'full config' tests in all.sh 2019-06-25 09:10:57 +01:00
Hanno Becker fa37d07a0d Make: Link test suites with pthread if PTHREAD is set 2019-06-25 09:10:57 +01:00
Hanno Becker 1ba602c2f6 CMake: Link test suites with pthread if LINK_WITH_PTHREAD set
The pre-existing LINK_WITH_PTHREAD CMake option controls whether
`pthread` should be linked into the library, but didn't apply
to the test suites so far.

This commit also links test suites to `pthread` in CMake-based
builds which have LINK_WITH_PTHREAD set.
2019-06-25 09:10:57 +01:00
Hanno Becker fd8b7bd63f Add concurrent X.509 CRT verification test
This commit enhances the X.509 parsing test suite by a test
which exercises multiple threads concurrently verifying the
same certificate with the same set of trusted roots.
2019-06-25 09:10:57 +01:00
Hanno Becker 4b70e12dde Document mbedtls_x509_crt_pk_{acquire/release}()
In contrast to mbedtls_x509_crt_frame_acquire(), the public key context
returned by mbedtls_x509_crt_pk_acquire() cannot be marked `const` because
the caller must be able to use it e.g. for mbedtls_pk_sign() and
mbedtls_pk_verify(), which don't have `const` input parameters.

Instead, return a non-`const` context, but explicitly state that callers
must use that context in a thread-safe way.
2019-06-25 09:10:57 +01:00